|
Home > News > Tags > Security Development Lifecycle
|
|
30
Stories about: Security Development Lifecycle |
|
|
On May 16th, at the inaugural Security Development Conference 2012 in Washington D.C., Microsoft unveiled that the adoption of Security Development Lifecycle (SDL) has expanded beyond the software industry. The Redmond-based software giant notes that SDL has already seen adoption from governments and businesses tha... |
17 May 2012
12:31 GMT |
 |
|
Microsoft is registering progress when it comes to its products influencing the development of the security ecosystem out there.
This year, the company celebrates ten years of Trustworthy Computing and eight years since the creation of its Security Development Lifecycle (SDL).
SDL, a software development security... |
2 February 2012
09:23 GMT |
|
|
Microsoft has been sharing its Security Development Lifecycle with third-party developers free of charge for years now, but despite its many advantages, SDL is still regarded with skepticism by some.
Part of the software giant’s strategy to get as many devs as possible to embrace its software development secu... |
9 November 2011
10:55 GMT |
|
|
After it successfully bulletproofed its own software with the help of the Security Development Lifecycle process, Microsoft started sharing its SDL resources with third-parties in 2008, free of charge. Three years later SDL tools and methodology have been downloaded nearly 700,000 times, a Microsoft representative r... |
26 August 2011
08:16 GMT |
|
|
A free collection of resources from Microsoft is available to customers looking for a starting point when it comes down to integrating the company’s Security Development Lifecycle (SDL) practices into their own software development process. Templates for SDL Practices are now live on the Download Center, avail... |
28 April 2011
08:01 GMT |
|
|
Now at version 5.1, Microsoft’s Security Development Lifecycle has been available outside of the company, to all third-party developers, for a few years now. SDL is part of the software giant’s focus on increasing the security of its software products, and an extremely successful one at that, considering... |
31 March 2011
11:50 GMT |
|
|
The security best practices that helped Microsoft secure products including Windows 7, Windows Server 2008 R2 and Office 2010 will have a consulting services option associated with them starting next month. According to David Ladd, Principal Security Program Manager, Microsoft’s SDL team, the move was necessar... |
20 January 2011
03:12 GMT |
|
|
Protecting sensitive information must be a priority for all customers from end users to enterprises, and new free resource from Microsoft is focused on helping customers secure their data. A new Quick Security Reference is available for download dealing with Exposure of Sensitive Information, in addition to the prev... |
26 November 2010
05:48 GMT |
|
|
Microsoft has made available for download a new tool designed to help customers evaluate their projects and see whether their Cloud applications are exposed to Denial of Service attacks. The SDL Regex Fuzzer is now up for grabs from the Microsoft Download Center, free of charge, and as the official label implies, th... |
13 October 2010
06:27 GMT |
|
|
In what is without a doubt an excellent move, Microsoft is offerings select resources that helped the company bulletproof products such as Windows 7, Windows Server 2008 R2 and Office 2010 under a Creative Commons License. Essentially, the publicly available documentation related to the Microsoft Security Developmen... |
27 August 2010
08:43 GMT |
|
|
Securing software should be a top priority of the development process along with introducing new features and hitting timelines, according to Microsoft. The Redmond company has made available for download a free whitepaper in which it emphasizes the need for developers to make sure that customers are protected right ... |
6 July 2010
04:11 GMT |
|
|
The rich clients and services that make up the next generation of the Windows Live suite have been bulletproofed against security threats using the same strategy that proved a success for major Microsoft software products such as Windows 7 and Windows Vista. Essentially, the Redmond company applied the Security Devel... |
18 June 2010
11:11 GMT |
|
|
The final version of the MSF-Agile plus Security Development Lifecycle Process Template for Visual Studio 2010 is now available for download from Microsoft. Developers have already been able to take advantage of the SDL process template for Visual Studio from the Redmond company, with a Beta release of MSF-A+SDL des... |
28 May 2010
05:22 GMT |
|
|
A new version of the Microsoft Security Development Lifecycle (SDL) Process Guidance is now accessible on MSDN and available via the Microsoft Download Center. Developers interested in securing their software using the same methods as the Redmond company can take advantage of SDL version 5.0 online, or download the r... |
6 April 2010
09:27 GMT |
|
|
Mid-February 2010 brought with the release of the CWE/SANS Top 25 Most Dangerous Programming Errors, a comprehensive list designed to highlight the most severe mistakes made by programmers when writing code for their applications. The programming errors collection has a crucial relevance for developers, bugs in the s... |
25 February 2010
08:51 GMT |
|
|
Microsoft is using Black Hat DC as the stage to introduce new resources for third-party developers that want to embrace the security assurance process that helped it deliver additional protection to end users via all products past Windows Vista, Windows 7 included. In this regard, the Redmond company announced the av... |
3 February 2010
10:03 GMT |
|
|
Microsoft is making it easy for third-party developers to bulletproof their software using the same security assurance process that the company applied when building products such as Windows 7 and Windows Vista. In this sense, the software giant continues on a path it set on a few years back when it started sharing r... |
3 February 2010
06:21 GMT |
|
|
At Microsoft, security work focuses on more than simply bulletproofing the company’s own products, and has spanned into educating third-party professionals on the steps needed to secure their own software and environments. At the start of this week, the software giant made available the company’s Quick S... |
19 January 2010
05:29 GMT |
|
|
Yesterday I was telling you that Microsoft released MiniFuzz to its Download Center, making the tool available for free to third-party software developers. However, the fuzzing solution MiniFuzz is just a part of the latest initiative from the Redmond company designed to allow non-Microsoft developers to adhere to it... |
17 September 2009
07:16 GMT |
|
|
Following comprehensive in-house efforts to bulletproof its software products as much as possible, in 2008 Microsoft made a move designed to share the Security Development Lifecycle process with third-party developers. At that time, the Redmond company chose to make available SDL 3.2 resources to the developer commun... |
29 May 2009
05:56 GMT |
|
|
The memcpy() C runtime function has its days numbered at Microsoft, because of its security-related notoriety. The company plans to add it to its Security Development Lifecycle (SDL) Banned Function Calls list later this year. According to the C++ Resources Network, the memcpy() function call copies the values of nu... |
15 May 2009
07:54 GMT |
|
|
Michael Howard, principal security program manager, said in the past that security was an ongoing battle in which software developers, Microsoft included, had the responsibility to continually raise the standard in order to keep one step ahead of the bad guys. Via the recently launched Baking Security In website, the... |
19 February 2009
08:14 GMT |
|
|
For Microsoft, the first inhouse documenting of Threat Modeling took place all the way back in 1999 via “Threats to our software” authored by Jason Garms, Praerit Garg and Michael Howard. With time, the methodology evolved and culminated with the introduction of the Security Development Lifecycle. Threat ... |
9 October 2008
07:44 GMT |
|
|
On September 16, Steve Lipner, senior director of security engineering strategy in Microsoft’s Trustworthy Computing Group, announced the company's intentions to share its security model with the rest of the software industry. In this regard, Lipner indicated that the Redmond giant would make available the... |
19 September 2008
09:29 GMT |
|
|
Microsoft is not yet done building Windows Vista's pedestal now that SP1 is out and about, with new efforts gearing towards rising the latest Windows client's monument on what's left of Windows XP SP3 after the discontinued availability through the retail and OEM channels. In this regard, a small aspec... |
11 July 2008
05:01 GMT |
|
|
Windows Vista was the first product to come out of Redmond developed under the comprehensive guidelines of the Security Development Lifecycle, also known as SDL. Windows Server 2008 was built under SDL as well, and Microsoft now applies the advanced secure development practices, guidelines and resources to all new pr... |
5 May 2008
06:51 GMT |
|
|
In terms of security, Windows Vista is the apex of the Windows platform. As I have already said, Non-Affected Software: Windows Vista will become a status quo that will describe the evolution of the operating system. There are several different reasons for this, but we can summarize them by the new security technolog... |
19 March 2007
12:24 GMT |
|
|
I have been hearing a lot of static lately regarding Windows Vista security. And I wanted to address the issue of how has Microsoft managed to produce yet another most secure Windows platform, just as Apple keeps advancing the world's most advanced operating system. Well, one aspect that indeed guarantees that W... |
15 March 2007
04:21 GMT |
|
|
|
|
Find us on Google+
